A Community for Fraud Prevention Professionals

Main menu

Category Archives: Know Your Customer

Historically, to facilitate money laundering criminals opened a legitimate business as a cover, and then used the business account to deposit and legitimize large sums of money. Large deposits into accounts were routinely overlooked by banking institutions and law enforcement alike. As laws have passed and restrictions to limit money laundering have been put into place the criminals have had to become a little more creative to fly under the radar. One devious method is to co-mingle ill-gotten gains with existing legitimate accounts (“layering”). Another method is called “smurfing”, where over the course of time many smaller transactions are deposited. Thus, no transaction is large enough to gather suspicion. In addition, the FATF has found that many organizations are now using Alternative Remittance Systems (ARS), especially terrorist financing operations. This informal funds transfer is also known as “underground” or “parallel banking”. ARS institutions generally have far fewer (or zero) restrictions in place and are thus much easier to utilize for the transfer of large amounts of illicit funds.

With criminal money laundering law enforcement can trace events from the crime(s) to the money. However, terrorist methodology uses money to fund an activity which has not yet taken place. Enforcement efforts are placed on stopping the crime before it occurs. The challenges are at opposite ends of the spectrum. The outcome of money laundering in a criminal case is the apparent legalization (or obfuscation) of criminal funds, whereas the outcome of money laundering in a terrorist case is a planned terrorist activity.

Gouvin points out several key challenges faced by law enforcement and governments with regard to recognizing and stopping money laundering by terrorists. These are outlined in his article as:

Without addressing each of the above challenges in length, one can see that fighting terrorist financing is a completely different ball game than fighting criminal money laundering. With no crime to follow toward the money, law enforcement personnel are driving in reverse, and it is very difficult to see through the back of your head!

Gouvin argues that our present financial system is simply not equipped well to locate and follow terrorist financial activities. The compliance programs that are currently in place (BSA, KYC, Patriot Act, elements of Patriot Act II, etc.) are producing mountains of CTR’s and SAR’s that are backlogging in a system that was never designed to review them. Criminals and terrorists alike know the kind of patterns and sizes of deposits that are being scrutinized and they either work around the system or in different systems entirely (such as the hard-to-regulate non-bank channels Gouvin mentions). OFAC lists are easily circumvented (simply don’t use your real name if you are on the list). Money laundering is not being effectively discovered or prevented, nor are terrorist financing efforts being thwarted.

As with most illegal activities, I do not believe there is a fool-proof way to completely eliminate criminal money laundering or terrorist financing. However, I do believe we can learn from what is not working. Hundreds of thousands of backlogged reports are not working. More scrutiny, harsher restrictions, and invasive policies are not working. Something more basic, creative, technological, automated, and practical is needed to surmount these challenges.

In my career in payment fraud prevention I have seen some very impressive minds create some very remarkable analysis and scoring systems that are geared at establishing a “risk score” for financial transactions. My recommendation would be to hire private-party software engineers such as these and task them with the creation of a system-wide (and eventually worldwide) financial filtering program. I would then fund an implementation effort where program interfaces could be disseminated to all financial institutions, in phases. To remain compliant with government regulations (and escape penalties) each financial institution would have to “tap in” to the system and report their transactions. The reporting would be automatic, and would be aggregated into a neural network that was programmed to look for known indicators of criminal money laundering and terrorist financing. The most suspicious activities would be filtered out for a small, highly trained human review team to investigate.

The main weakness in such a program would be its lack of penetration into the unregulated non-banking systems. My only recommendation for that would be to utilize some of the resources and personnel who were now twiddling their thumbs with no reports to review (since the bulk of them would have been eliminated by the finance neural network) to spend their time researching, investigating, and tracking the activities of nontraditional financial institutions, then report findings to appropriate local law enforcement or intelligence agencies.

International cooperation and teamwork would be paramount to not only implement the financial neural network worldwide but also combine forces to keep an eye on the unregulated institutions. Our greatest challenge would remain the ARS organizations in countries that are already uncooperative or unfriendly with us. In such cases, I suppose more traditional methods of intelligence would have to continue to be used (e.g., paid informants, cell penetration, covert ops, etc.).

If your day-to-day duties include AML efforts, do you find yourself inundated with compliance protocols? Has your institution been effective, in your view, in discovering and ceasing laundered funds? If you have any involvement in finding or tracing terrorist financing, what methods in general have been most effective (or would you have to kill us if you told us)?